Alex Barylo on Wed, 26 Apr 2000 09:43:54 -0400 (EDT)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Fresh GNU Emacs, SuSE vulnerabilities


I'm sorry for off topic guys, but since some people on this list
are using Emacs and SuSE and some bugs are scary I thought it might
me useful.

Alex.

------------------------ CUT HERE ----------------------------

16. GNU Emacs Local Eavesdropping Vulnerabilities
BugTraq ID: 1125
Remote: No
Date Published: 2000-04-18
Relevant URL:
http://www.securityfocus.com/bid/1125
Summary:

A vulnerability exists in Emacs 20, that allows any user on a
multiuser
system to eavesdrop on, or forge responses to, an Emacs client. 
The
vulnerability stems from Emacs failure to properly set permissions
for
slave PTY devices.  Operating systems where Emacs is affected
include
Linux, FreeBSD, HP-UX 10.x and 11.00, and AIX 4.  Solaris is not 
affected.

17. GNU Emacs Temporary File Creation Vulnerability
BugTraq ID: 1126
Remote: No
Date Published: 2000-04-18
Relevant URL:
http://www.securityfocus.com/bid/1126
Summary:

A vulnerability exists in Emacs 20, from GNU. Current versions of
Emacs
are incapable of securely creating temporary files from emacs-lisp.

File
names are predictable, and will follow existing symlinks. This
would 
allow
for a myriad of attacks, from overwriting files, to gaining access
to 
any
Emacs user's account.

18. GNU Emacs Password History Vulnerability
BugTraq ID: 1127
Remote: No
Date Published: 2000-04-18
Relevant URL:
http://www.securityfocus.com/bid/1127
Summary:

A vulnerability exists in the way in which passwords are stored in
history, in Emacs 20, from GNU. Passwords read using the
read-password
function under emacs-lisp are not cleared from the history cache.
This
means that anyone who has access to an Emacs session on a terminal
can 
use
the history to potentially gain passwords captured.

21. SuSE Linux Arbitrary File Deletion Vulnerability
BugTraq ID: 1130
Remote: No
Date Published: 2000-04-21
Relevant URL:
http://www.securityfocus.com/bid/1130
Summary:

A vulnerability exists in SuSE Linux, version 6.3 and prior, that
can
allow arbitrary users to delete any file on the system.  If the
MAX_DAYS_IN_TMP variable is set in /etc/rc.config to be larger than
0, 
any
local user can remove any file on the system.  This is due to a
flaw in
/etc/cron.daily/aaa_base in SuSE 6.3, or /root/bin/cron.daily in
older
versions.

=====
Before the accident, I could not even spell UNIX

__________________________________________________
Do You Yahoo!?
Send online invitations with Yahoo! Invites.
http://invites.yahoo.com
**Majordomo list services provided by PANIX <URL:http://www.panix.com>**
**To Unsubscribe, send "unsubscribe phl" to majordomo@lists.pm.org**